spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: overall paradigm shift in email, plus rambling philosophical discussion

2004-06-20 21:49:50
from [Koen Martens] [Permanent Link] 


On Mon, Jun 21, 2004 at 12:06:35PM +1000, Chris Drake wrote:

I've lost at *least* 5 emails that I know of in the last 14 days, all
apparently destroyed by SPF filters WITHOUT ANY WARNING TO ME.


This can not be the case. SPF filters either accept or bounce messages,
they do not destroy.


You need to go back to your drawing board ASAP and figure out what
you've done wrong, because SPF has multiplied my "false positives" by
at least an order of magnitude.


Just curious, why do you think SPF has multiplied your false positives?
I myself have SPF for a while now (with the -all mind you) and have as
of yet not lost any mail.


Maybe you can also explain what exactly your pobox.com's SPF records
are even being published for in the first place?  You have no control
over what SMTP servers your customers use, and no control over how
recipient mail servers process your SPF records - so you should never
be publishing these on your forwarding service at all, or am I missing
something, or did you just publish wrong, or did you forget to specify
a mechanism (eg: "+any") to allow any SMTP server to send mails from a
domain, or what???


You are definetely missing a clue here:

;; QUESTION SECTION:
;pobox.com.                     IN      TXT

;; ANSWER SECTION:
pobox.com.              86400   IN      TXT     "v=spf1 mx
mx:fallback-relay.pobox.com a:smtp.pobox.com a:emerald.pobox.com ?all"

So pobox publishes ?all, which means no message should be bounced, all
messages from pobox.com should be accepted, whether forged or not. If
some of the recipient email servers decide not to do so, they are in
violation of the spf specification. This is the same as the cops
arresting the criminal without flashing their guns, but when the
criminal arrives at the jail, the jail warden decide too shoot the
criminal anyway without letting anyone know. 

Koen

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: pgpGZJhHkersN.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: a grand unified theory of MARID (blame me!), Greg Connor
Next by Date:  Re: overall paradigm shift in email, plus rambling philosophical discussion, Koen Martens
Previous by Thread:  Re: overall paradigm shift in email, plus rambling philosophical discussion, Daniel Taylor
Next by Thread:  Re: overall paradigm shift in email, plus rambling philosophical discussion, Paul Howarth
Indexes:  [Date] [Thread] [Top] [All Lists]